Posted
by
michael
on Tuesday September 10, 2002 @02:50PM
from the buchanan-wins-again dept.

LowellPorter writes "Miami-Dade and Broward counties are having voting problems. After the 2000 election problems, new voting methods were installed including touch screen technology. Some times the problems were with workers not showing up, poor training, or mechanical problems. It doesn't look like they cleaned up the system there." Not all of the problems mentioned in the article are due to the new proprietary voting machines, but many of them are.

Don't forget that it has to be insanely easy to use, with extremely clear instructions and adaptable to an infinite number of configurations for different polling uses.

It also has to be capable of verifying that the voter is valid, that the ballot is valid, and that it itself is valid (i.e. - has not been tampered with).

You either need secured local storage or a secure connection to another storage facility (whether that be onsite or offsite). If local, you need to make sure the data won't be destroyed by substandard handling (see below).

It must be rugged, portable, easy to setup, and low cost.

It must save state, so that if it does crash the current voter doesn't get screwed. Optimally they should be able to go to another voting machine to finish their ballot.

Let us know when you've finished. Don't forget this is both a hardware and software solution. We'll be waiting.

It seems straight forward so long as you hire a decent project team to see it through. Unfortunately is is more likely that inexperienced people ran the project (probably relatives or friends of some politician), it was a low cost bid (sometimes you get what you pay for), there was poor user interface testing, and a raft of other government requirments/corruptness screwed up the project.

Maybe they should have hired Apple to build the machines. Presenting: "iVote"!

Intuitive --- check. Everyone knows how to make marks on paper. Put an X in the box next to the name of your candidate. Because the slips aren't machine-read, you don't have to cater to the machines, so you can put the boxes next to the candidate's name.

Self-validating --- check. The human who counts the voting slip can tell at a glance if it's been filled out correctly. You can verify that each person has voted only once by keeping a list of people eligable to vote at each polling station, and crossing their names off the list.

Secure storage --- check. Well, not quite. You need a box with a padlock on it and a slit in the lid, and a seal to indicate tampering. Seals are old technology. Trivial money from your local hardware store.

Rugged, portable, low cost --- check. Carboard is cheap. Printed cardboard is cheap. It's also tough; if you use pencils rather than pens, then even if a filled box is submersed in water, the votes can still be read (carefully).

Saves state --- check. Each vote is physically encoded on to a piece of cardboard, which can be counted as many times as is necessary to get it right. Won't crash. Ever.

So: we have a cheap, simple, secure voting system that's hard to spoof (with adequate physical security), easy to use, and with excellent accountability. You still need to count the votes, of course; here in the UK, we use volunteer bank tellers, who are really good at this sort of thing. The system scales really well, because each voting region is sized by population, and each area has about the same ratio of bank tellers to non bank tellers. The votes are counted in O(n) where n is the number of votes in the largest area, and then the results are phoned in to a central location.

It does have to validate itself, period. If you don't then a hack of the system can invalidate every vote cast on it. Worse, it can fake the votes in such a way that you wouldn't be able to tell that they were invalid.

And you totally ignored the UI, ruggedness, and flexibility issues.

Not to mention that there appeared to be little or no problems with the voting machines. According to the article the problems were human ones.

You cannot trace who made what votes, or it could be used against a person.

You could have a data base that ties into a main DB to authenticate, so people could vote anywhere. then after than assign a "session cookie"/ballot (basically some sort of abs random key) to carry with them to a voting machine

If someone is tampering with the firmware of the machine, they obiously have access to the machine, and considerable time to update the firmware. If someone can do this, they can do all sorts of other nasty things to the voting. They can throw out boxes of cards. They can staff only their shady friends in the counting room. There are a ton of things that this person could do to mess with the voting process. Adding a machine that would require a huge amount of work to compromise correctly (writing a firmware virus!?!) seems like it might actually improve the situation.

Typically the first results pour in within a couple of hours of the polls closing. Almost all of the constuencies have been completely counted and agreed in the small hours of the following morning, enough to ensure that generally the leaders of the winning/losing parties have made their victory speeches or conceded by 2am. Generally it's rare anyone is still counting, save for recounts, after the sun comes up.

I know 2000 was a fiasco, but it was immediately clear to me (as a Brit in the US) that any announcement about winners and losers would have had to be on the basis of predictions, not results. America can be counted by that time not because of punched cards but because by a certain enough votes have been counted in each state for it to be clear which states are going to fall for to which candidates. Counting continues for days, even without recounts.

I honestly don't think punched cards, etc, help as much as they might appear. There's a lot to be said for accountable human beings counting. Not the least of which is that human beings know what it means when they see a piece of paper with two 'X's in it - one of which is scribbled on with the word "mistake". Punched card readers simply reject the vote, with certain nuts (generally, anyone who's won the election) saying that anyone who "voted twice" is too much of an idiot to have their vote counted.

Why the hell do they need a machine? What's wrong with the system that works so well and reliably in other places: using a pen, put a big cross in the box next to the person/answer being voted for. Any other marks invalidates the ballot slip. With sufficient parallelism, it's no slower than automated methods.

What's wrong with the system that works so well and reliably in other places: using a pen, put a big cross in the box next to the person/answer being voted for. Any other marks invalidates the ballot slip.

One thing that's wrong with that is it makes it ridiculously simple to invalidate ballots after they are cast.

Its easy to make a voting proces that works: print pieces of paper with the candidates names on them. The voter goes into a private area or "booth" and makes a mark by the candidate of their choice. These peices of paper or "ballots" are kept in a secure location until the voting period ends. They are then counted with representitives of the candidates and members of the public present.

This radical system is already in use in such exotic places as The UK, Canada and Australia. This system tends to be more accurate than mechanical devices and less open to fraud. The proces can also be completed in a matter of hours.

What is it with America's love of voting machines? The vast majority of countries don't use then, including most of the OECD - really the only reason for the US using machines is because they're stupid & vote on Tuesday, not Saturday. Yet they wonder why they have the lowest voter turnout in the world, afterall what percentage of people with minimum wage jobs get paid time off to vote? (the minimum wage is probably the mode average wage in the US, or close to it, as the US has the biggest gap between mode & mean average wages in the Western World,) Plus finding casual labour, for hand counting, & volunteer scrutineers, is much harder on a Tuesday, compared with a Saturday.

But haven't you bloody Americans learnt the KISS system - Keep It Simple Stupid.

This means no bloody machines, period !!! If Australia (& most of the OECD) can do hand counted paper ballots, then so can the US.

The only reason they use machine systems in the US is to cut costs, but the simple fact is they arn't as good - they invalidate more votes then hand counts do, they intimidate & confuse a good percentage of voters & they increase the odds of something fuking up (murphy's law)

Look at the mess, as well as the fucked up punch card machines you have counties with lever machines, other with optical machines, toggle switch machines, push button machines & also touch screen systems too. Then there are places like Oregon where all votes are of the mail in variety (which obviously discriminates against the homeless & disorginised). The simple fact is that huge numbers of people are intimidated with this complicated mess that's one of the reasons why most Americans don't vote & why the US has the lowest voter turnout in the OECD

Look at all the people that are intimidated by machines & even now still refuse to use Automatic Teller Machines, & there are plenty more people like that then just the illiterate, the elderly & immigrants that have poor 2nd language skills.

Its as if the bureaucracy in the US are on purposefully trying to discourage the masses from voting.

The only way to go is to Keep It Simple Stupid. Which means aiming at the lowest common denominator & designing a system that the stupidist simpleton can understand.

Which means 'X marks the spot' hand ballots.

That means a peice of paper with the candidates listed in a columne & another columne of boxes on the side with just one box next to each candidate.

Here are a couple of examples of 'KISS' paper ballots [optushome.com.au], the 1st one is an example of an Australian preferential ballot (any Americans who support 3rd parties should be demanding that the US system be made either preferential or proportional, otherwise no 3rd parties will ever make any long term headway), the 2nd ballot is an example of an ''X' marks the spot' ballot.

As far as counting goes the US should be doing what Australia does (& most of the rest of the developed world does similar) & hold the vote on a Saturday (I wonder how many blue collar workers in the US chose not to vote because of the incoveniance of voting on a Tuesday), using local schools as voting centres. Then leasing indoor stadiums & convention centres nationwide which are to be used as counting centres for the thousands of temp workers employed to count the votes. Each counter also has a Labour & conservative scrutineer looking over his/her shoulders.

It's extremely rare for results to not be known before the weekend is out (actually results mostly come out on the Saturday night, meaning people can go to election result parties & still be ok for work on Monday)

Sure its labour intensive, but as any UN election observer will tell you this is the best system if you want high turnouts with low rates of invalid votes & a result that's as accurate as can be, by Monday morning at the latest (actually in the vast majority of elections we know who's won by about 8pm the same night).

Now I bet someone will think 'oh but the US is much bigger than Australia', well my answer is no problem, the US having a nationwide hand paper ballot election would be no different than if Australia the UK, Germany the Netherlands & the Scandinavian countries all voted the same day, IE there's no reason to think it won't scale up fine.

Also all politicians must be removed from any decision making processes as far as the running of elections are concerned, etc.

Look at the way democratic afiliated local officials OKed the hand count iin Palm Beach & then the Republican Florida SoS blocked the hand count (& she was Bush's co-campaign manager, which makes it an even worse conflict of interest). That sort of thing is unheard of in Australia. Where an Independent Australian Electoral Commision [aec.gov.au] administers federal elections & the various state electoral commisions administers state & local elections.

No politians are involved anywhere in the decision making process (except for calling the date of the election). As far as recounts, re-votes, referendums [aec.gov.au] (in Australia politions can't amend the constitution, only the people can through referendums. Where a majority of the total votes & a majority in a majority of states, responds 'yes' to the amendment) & by-elections, etc are concerned only the electoral commision can make decisions regarding them. Although anyone can appeal to the commision's court, for a recount or re vote or something. Whether such appeals are successful is another matter.

Then there are places like Oregon where all votes are of the mail in variety (which obviously discriminates against the homeless & disorginised).

You have to provide an address to register to vote in Oregon anyway, this was true before vote by mail, so it is no more discriminatory against the homeless than the traditional system.

Why is an address required? Because many votes are regional in nature, in other words I can only vote for Congressional candidates in my Congressional District, and your stated home address is used to determine your precinct voting station, Congressional District, state office districts, etc.

In Australia, are you allowed to simply walk into any polling venue in the country and vote? Are you not asked for identification? (identification, such as a driver's license or non-driver's ID card, requires an address here in Oregon, too). If you don't have to provide ID and address, what is to prevent you from voting several times in several different polling stations?

Vote by mail is a great convenience for folks like my father, who is elderly and a semi-invalid, yet still bright. The convenience of being able to sit in your own living room, studying ballot measures and candidates, the arguments for and against published in the voters guide (which often runs in excess of 100 pages), is a great convenience for folkd like my elderly father.

Vote by mail is a smash hit here in Oregon. None of the predicted problems have materialized. Among other things it would seem to fit your KISS criteria exceptionally well. And it requires a paper ballot, you should like that as well.

Being Canadian, I had the same initial reaction as you, but you don't understand the U.S. voting system. Voting in the U.S. is like filling out a tax form... it just goes on forever and ever. You have to vote for everything at once - local, state, etc., and there seem to be "sub votes" within them. Not to mention, they elect their judges and senate.

I know what you're feeling though - in Canada we use a pencil and a piece of paper. There are, say, 5 local candidates, each with a little box beside their name and you vote for one of those five by putting an 'X' in the box. However, we don't vote separately for the leader of the country, since we have a parliamentary system. Plus, our senate and judges are appointed by elected officials.

It does make sense though, with such low minimum wages, that the U.S. could afford to just hire people off the street to hand count ballots.

As for storing them electronically, that's a bad idea. Most people would not (and should not) accept various decaying charges on a vast bank of capacitors (I'm speaking of DRAM, of course), or magnetic deviations on a disk as proof of someone's vote. There really needs to be physical evidence that a real person can see and verify, or else the system can too easily be corrupted.... all of a sudden I feel like I should go and get all my money out of the bank!

The voting machines failed because they're closed source. Had they only GPL'd the code, an army of volunteer geeks would have found every bug and made the machines rock-solid and impervious to any failure! If only Miami-Dade had thought of that!

Uh, moderators, that's Funny, not Insightful. I'm sure it was meant as a joke. I think it's called sarcasm. Unless everybody truly believes that just because something is released as open source, that super-guru programmers are going to jump in and spend time testing and fixing it if they don't have any personal motivation for doing so. Maybe everybody does think this though, and my opinion is the minority. I've been wrong before.

Sounds like a good place to live-test it though. Find the place where the least competent users are, and then let 'em at it. Once it works for the small-town non-tech people, then the rest of the population shouldn't have too much of a problem with it.

Something I have never worked out is how to ensure that people can only vote once, whilest maintaining their privacy.
Dropping a piece of paper in a box is very well, but for online votes I assume they give you a number which you have to type in to vote. One number, one vote. But surely, there must be a list of these to avoid duplicates. So it's then easy to tie a vote to a person.
Also, couldn't someone guess numbers, and up their favourite political party?
Anyone have any insight as to how it's done?

Guessing the number is more difficult to stop. I'm not sure how they do it exactly.

The only way you've ever been protected while voting is by legal action. Keeping track of who votes for who is easily done with any voting method. It's the laws that protect against that, not the system.

When I lived in Arkansas, not only did they mark you off a list of registered voters, they also numbered your ballot and wrote that number by your name. If they wanted to, they could come back later and look up your name, get the ballot number, pull the ballot and see how you voted. I found that somewhat disturbing, but apparently the state supreme court found that it was legal. Somehow.

I'd like to see some evidence that there wouldn't have been any problems if it'd been done with open source.

Reading the article, it says their problems were mainly mechanical problems and logistical ones - machines not working (says nothing about the software) and clerks not showing up at the voting locations (oh, yeah, that one'd be solved by OSS, riiiiiiight).

No touch screen system involved in my county (Brevard) - just color in the circle with a provided marker/pen on a piece of paper. Then slide the ballot into a counting machine on the way out. The machine processed my ballot in a second or so and the little LCD display on it had a counter that incremented. Easy. Go vote!

(look what 20 bloody Wahhabist nutcases achieved with just a Stanley knife each)

What is it with America's love of voting machines? Most countries don't use them - really the only reason for the US using machines is because they're stupid & vote on Tuesday, not Saturday. Yet they wonder why they have the lowest voter turnout in the world, afterall what percentage of people with minimum wage jobs get paid time off to vote? (the minimum wage is probably the mode average wage in the US, or close to it, as the US has the biggest gap between mode & mean average wages in the Western World,) Plus finding casual labour, for hand counting, & volunteer scrutineers, is much harder on a Tuesday, compared with a Saturday.

But haven't you bloody Americans learnt the KISS system - Keep It Simple Stupid.

This means no bloody machines, period !!! If Australia (& most of the OECD) can do hand counted paper ballots, then so can the US.

The only reason they use machine systems in the US is to cut costs, but the simple fact is they arn't as good (they invalidate more votes then hand counts do, they intimidate & confuse a good percentage of voters & they increase the odds of something fuking up (murphy's law)

Look at the mess, as well as the fuked up punch card machines you have counties with lever machines, other with optical machines, toggle switch machines, push button machines & also touch screen systems too. Then there are places like Oregon where all votes are of the mail in variety (which obviously discriminates against the homeless & disorginised). The simple fact is that huge numbers of people are intimidated with this complicated mess that's one of the reasons why most Americans don't vote & why the US has about the lowest voter turnout in the OECD.

Look at all the people that are intimidated by machines & even now still refuse to use Automatic Teller Machines, & there are plenty more people like that then just the illiterate, the elderly & immigrants that have poor 2nd language skills.

Its as if the bureaucracy in the US are on purposefully trying to discourage the masses from voting.

The only way to go is to Keep It Simple Stupid. Which means aiming at the lowest common denominator & designing a system that the stupidist simpleton can understand.

Which means 'X marks the spot' hand ballots.

That means a peice of paper with the candidates listed in a columne & another columne of boxes on the side with just one box next to each candidate.

Here are a couple of examples of 'KISS' paper ballots [optushome.com.au], the 1st one is an example of an Australian preferential ballot (any Americans who support 3rd parties should be demanding that the US system be made either preferential or proportional, otherwise no 3rd parties will ever make any long term headway), the 2nd ballot is an example of an ''X' marks the spot' ballot.

As far as counting goes the US should be doing what Australia does (& most of the rest of the developed world does similar) & hold the vote on a Saturday (I wonder how many blue collar workers in the US chose not to vote because of the incoveniance of voting on a Tuesday), using local schools as voting centres. Then leasing indoor stadiums & convention centres nationwide which are to be used as counting centres for the thousands of temp workers employed to count the votes. Each counter also has a Labour & conservative scrutineer looking over his/her shoulders.

It's extremely rare for results to not be known before the weekend is out (actually results mostly come out on the Saturday night, meaning people can go to election result parties & still be ok for work on Monday)

Sure its labour intensive, but as any UN election observer will tell you this is the best system if you want high turnouts with low rates of invalid votes & a result that's as accurate as can be, by Monday morning at the latest (actually in the vast majority of elections we know who's won by about 8pm the same night).

Now I bet someone will think 'oh but the US is much bigger than Australia', well my answer is no problem, the US having a nationwide hand paper ballot election would be no different than if Australia the UK, Germany the Netherlands & the Scandinavian countries all voted the same day, IE there's no reason to think it won't scale up fine.

Also all politicians must be removed from any decision making processes as far as the running of elections are concerned, etc.

Look at the way democratic afiliated local officials OKed the hand count iin Palm Beach & then the Republican Florida SoS blocked the hand count (& she was Bush's co-campaign manager, which makes it an even worse conflict of interest). That sort of thing is unheard of in Australia. Where an Independent Australian Electoral Commision [aec.gov.au] administers federal elections & the various state electoral commisions administers state & local elections.

No politians are involved anywhere in the decision making process (except for calling the date of the election). As far as recounts, re-votes, referendums [aec.gov.au] (in Australia politions can't amend the constitution, only the people can through referendums. Where a majority of the total votes & a majority in a majority of states, responds 'yes' to the amendment) & by-elections, etc are concerned only the electoral commision can make decisions regarding them. Although anyone can appeal to the commision's court, for a recount or re vote or something. Whether such appeals are successful is another matter.

The first clue is that these are South Florida voters. In the past, they could not even figure out what a simple, black arrow on a paper ballot means. We are talking the dumbest people on the planet. So why is it any surprised that a machine with buttons on it is confusing them? No matter what they do, they will end up voting Buchannan anyway.

Yeah, some of them were so stupid as to have VISION PROBLEMS! I mean, how dumb do you have to be to get myopic.

When I looked at the ballots in question, I instinctively lined up the candidates exactly how those mistaken voters did. Yes, only for a second, but if I can do it a bunch of retirees (who unlike most of you boneheads actually have the sense of social responsibility to go out and vote) could also have made a mistake and not caught themselves. These ballots were horribly designed.

But of course, this is slashdot, where the average poster is saddled with such a monumental self esteem problem that they have to denigrate the intelligence of everyone else to make themselves feel better.

Would any of these problems be solved with an open source solution? Do these problems have anything at all to do with the fact that the solution is closed source? Is the fact that these systems are closed source ironic, or telling in any way?

Would any of these problems be solved with an open source solution? Do these problems have anything at all to do with the fact that the solution is closed source? Is the fact that these systems are closed source ironic, or telling in any way?

Yes, yes, and yes, it is telling.

Openness is absolutely critical to fair and free elections, and that applies to the technology as much as it does the people. Who knows what is being done with the data being collected, or how it is being massaged. Is every electronic vote counted? Do we know that the results being reported are accurate, or whether or not a systemic flaw (or deliberate alteration) in the software is causing every Nth republican or democratic vote to be dropped? No, we don't know this, because the software's source code is unavailable for public review, much less peer review.

There are all kinds of Microsoft apologists (not saying you are one, but the vast majority of posts taking a tone similiar to yours are, as evidenced by their posting histories) quick to point out that having untrained election officials has nothing to do with the closed source nature of the software, yet eagerly glossing over the profoundly obvious fact that if the election software is closed source, no amount of training can insure that the software is unbiased and the election results fair.

So the point is relevant, even if it does rub the closed source advocates and Microsoft zealots the wrong way.

First of all, the parent post wasn't saying anything to the effect of the fairness of the machines' tallying methods. Any system can be compromised by unscrupulous character, be it manual hand counting or rigged counting algorithms.

The point the parent's post was making is that the article was titled in such a way that the root cause of the problems experienced was that the voting software was closed source. Not only is that sensationalist, it's simply untrue. Any system can break if those expected to use it can't figure out how to do so.

So the story had nothing to do with the fairness of the machines, and little to do with technical problems within the software itself. It certainly made no case that any of it could have been solved with open source. So please, editors, stop trying to make these stories into something they're not.

I live in Chicago. It isn't paranoia, it is experience. Election fraud is an ugly, real part of life, and any system that is open to abuse will be abused by one party or the other.

Closed source, proprietary systems whose inner workings are not open to public review and peer review are vastly more susceptable to this sort of thing than open, easilly examined and proofed source code are.

You need to read the link to the older slashdot story about these voting machines in order to understand the closed vs open source part of the headline.

Basically, the voting machines are closed source in the sense that nobody knows how they work, although the company providing them "guarantees" their accuracy. There was mention of a candidate who recently sued the state demanding to know how the machines worked (I'm assuming there were allegations of inaccurate couting), but the state refused the suit because forcing the company to reveal how the machines work would void the warranty.

In other words, they're "closed" because the public is not allowed to know how the machines that count their votes are doing it.

1. The article doesn't tell us that the software is proprietary. Nor does it tell us that most of the problems are due to the use of closed software. Anyone wondering if Slashdot is an example of journalism or just a bunch of poseurs-for-hire tossing words around need look no further.

Have you *ever* seen v1 of a system work flawlessly? It's so immature to toss the word "proprietary" in here, as if to insinuate that being open-source would fix anything. There's tons of open-source programs in v1 status with bugs. Anybody see any news headlines when Mozilla 1.0 came out and there were bugs in it? No? End of story.

If anything, its just an indication that we're running out of things to replace with computers...;) Lets just hope IT investors didn't read your post or they might start thinking that there are some areas in which Computers Dont Solve Your Problems (tm).

No one will ever know within any reasonable confidence who actually had the highest number of votes. You simply cannot take that many votes with any non-fascist system and have perfectly accurate results.

Its not possible. You might think you know, but you can't know.

Especially you cant do it with punch ballots, which get less accurate after every counting/handling/moving. IF you've ever worked with a box of those ballots before, well, its pretty simply clear. You take them out of a box and whats in the bottom? A big pile of loose chads.

Anyways, a good solution might be to have a runoff if the election is within the accepted margin of error. Let em keep going at it until someone wins by a large enough margin that it is undisputable. Or something.

it was more than that. There was a thick black line between each entry. The line was very similar to the arrow line except that it didn't have the small arrowhead and it was much longer. I tried squinting to see how an old person would see the ballat (I could read the names, but that big line sure looked more tempting than the little short line).

The bottom line though, is this: it is the citizens duty to properly execute the ballot. After it leaves his/her hands, its the duty of the government to properly handle it.

Can't? Ask someone to read you the choices and point out where to make a mark. Blind? Your responsibility to ask for a braile version or ask for help. Don't understand it? Cant figure out the instructions? Confused? Mystified?

"Lusers" angle notwithstanding, it was a *terrible* layout for the ballot. There are zillions of ways that the design of the ballot could have alleviated the concerns expressed by some voters.

Just because *you* can do something doesn't mean everybody else should be able to. There is tons of literature in usability, design, etc that show that there are tons of ways of influencing a reader or user into acting a certain way, one way or the other. I'm not saying anything was done intentionally in the case of Florida's ballots. What I will say is that I have a lower opinion of your type of self-affirming drivel than somebody who mistakeningly voted for the wrong candidate. Your view is just as closed minded as somebody asserting that the design of the ballot was *solely* responsible for miscast votes.

Many readers of SlashDot.org will be happy to point out the fact that open
source software, such as Linux, presents the user with a more secure, more
auditable, and more correctable product in general. However, this is not
the reason why open source electronic voting machines would work better
than their proprietary cousins. The fact of the matter is, open source
programmers are scared into learning about and understanding
computer security by the close scrutiny of their peers, whilst proprietary
software developers are free to stroke their egos as they write poor,
insecure code that never sees the light of day.

Some may say this is a bold statement, so I will provide examples to back
it up:

Windows NT 4.0 contained several well-known backdoors that
allowed non-admin users to pop their code straight into kernel space. This
was done with "ease of use" for developers in mind, and since the OS was
closed-source, nobody questioned the poor design. The Microsoftie who
wrote it obviously conferred with several other Microsofties, who, lacking
security training, had no idea it was not the Right Way(tm) to do things.

In contrast - Andrew Morgan's continuing work on the Linux privileges
project is the antithesis of Microsoft's uneducated, misguided attempt to
build a secure OS. Andy started out as we all do - with a naive view of
computer security and interprocess authorization. However, he learned from
the masters, and quickly designed and implemented a rock-solid privilege
foundation that is used, in its original form, to this day in the
Linux kernel. Granted, few distributions other than OpenWall Linux take
advantage of it (which is sad) - but if they did, we would all be much
safer from the threat of root compromises.

The Windows 2000 FTP daemon has been notoriously insecure, in
contrast with open source products like MuddleFTPd and ProFTPd. Why?
Because the coders who wrote this security-critical part of the system
just didn't care.

And that is my point with these voting systems: they are produced with the
bottom line and a fat contract on the line, not produced by people
who actually care about developing a product that encapsulates
accountability, security, and accuracy. In other words, these products are
developed by your stereotypical non-geeks who buy a CS degree "so they can
make more money." And those, my dear friends, are the enemy of everybody
in our profession.

The Windows 2000 FTP daemon has been notoriously insecure, in contrast with open source products like MuddleFTPd and ProFTPd. Why? Because the coders who wrote this security-critical part of the system just didn't care.

I'm also curious about Win2k ftp being insecure. I can only remember one exploit, do you have a list of other exploits? There have certainly been exploits of Proftpd as well, so I'm curious really how you justify your claim.

This appears to me to be a stack of unsubstantiated assertions combined with gratuitous insults about the skills and ethics of professional developers. In other words, the usual claims that developers who don't get paid are better than developers who do get paid.

More importantly, even if all these assertions are legitimate, how is somebody supposed to get open source developers under contract? A common thread running thorugh the open source development community seems to be that individual developers work on what interests them. Is the State of Florida supposed to trust that some amorphous cloud of open source developers will build better voting machines and continue to provide support for decades?

I suggest a new voting system for those counties/states where a significant percentage of the voting population seems unable to grasp the mechanics of voting: randomize the layout of politicians so that misvoting doesn't bias the final count.
Then maybe we can at least focus on the education/UI issue, rather than getting bogged down in partisan bickering over and interpretation of election results.

We need to give up on these fancy high-tech solutions that are so buggy and difficult for old people to use. Go with what they know, and what works...
Make the ballots like bingo cards. Give each voter a card and a daubber. I've seen grandmothers that can't work a toaster, but they can turn around and fill in 10 different bingo cards at a high rate. Not to mention that you almost never see them make a mistake filling out one of those cards.
This would solve the whole boot problem and software bugs. The logistics of it would be no different than the old punch cards, but with a lower chad pregnancy rate.

2) Insert that sheet into something that looks like a oversized Votematic machine.

3) It will work like a Votematic punch card machine, but instead of punching holes in the ballot sheet there is enough area exposed on the ballot where you mark off your choice with a small ink stamp.

4) Once the voting is finished, you give the completed ballot to the people at the voting station and they will do a preliminary optical read (without revealing what was voted on) to make sure the voter has marked off all the right spots; this will prevent double-voting, not marking in the right area, etc.

5) Once that is verified and the voter says they are satisfied with what they voted for, the voter gets a receipt proving they have voted.

The advantage of using a marker to make the selection is that the ballot can be both machine read AND hand-counted easily. That way, the accuracy will be very high indeed.

The biggest problem with these machines is that unlike most software it appeals to an extremely small market AND one where there are very low margins.
It is hard to attract top software talent to write good code for these machines.
Given the scenerio above, open source actually does make sense because it is the only way you'll be able to get solid talent for nothing!

One of the main problems with voting is that each individual voter doesn't know if their vote was properly counted, and has no recourse if the their vote was miscounted. One reason for this limitation is that the vote is anonymous, so you can't keep track of what happened to your vote.My idea is to give each voter a secret unique identifier randomly generated at the poll. An online database would keep track of which identifier went with what vote. Then, anybody who had doubts about thier vote could look up to see if they were counted properly. If not, they could use thier receipt to petition for a revote. In the event that enough people complained within the deadline, the entire vote would be redone.

Sorry, but it's unconstitional in many states (Colorado is one) to use any polling method that can be used to prove how an individual has voted.

This is a basic technique to prevent vote selling (or vote coercing, e.g., "vote for my candidate or you're fired/will lose the account/will never marry my daughter/whatever.") If you can prove how you voted, others may be tempted to "encourage" you to vote a particular way. If you can never prove it, you can lie.

1) What's to stop someone from lying and claiming that their vote was miscounted once the votes had been tallied, or being coerced/bribed/persuaded into fraudulently changing their vote after the fact?

2) If a complete re-vote could be forced simply by a large number of complaints, with no means to tell if the complaints are valid or not, then a large enough group of unscrupulous (or misguided) voters could challenge any election which didn't give the results they wanted. (Combining this with existing voter fraud techniques could create a block of phantom voters just for this purpose.)

3) What's to prevent someone else from reading and/or challenging your vote if they obtain your number, or if they are able to fraudulently generate a valid random identifier?

4) When someone comes forward to claim that their vote was miscounted, they'd no longer be anonymous. Sure, they could use their secret number to check the status of the vote and remain anonymous (technical issues aside) but at some point the person casting the vote would need to identify themselves in person before casting a corrected ballot. Remember, the result of your vote is anonymous, but you aren't; you must register and be identified before you're a valid voter.

Come to Belgium in june 2003 and watch us vote electronically. As we have been doing for the last few elections.It isn't that difficult. You go to the voting-office.You prove your ID (national ID-card)Instead of a piece of paper you get a kind of bankcard (of visa/master-type) or a card with chip. (I am not sure) You plug your card into the computer.You vote (once, although it can be for more then 1 election. We have about 9 governments, I think. Hell, even we can't keep count)You take your card back.You put it in a box with the others.The card doesn't have information about you.The card-info can't be changed after voting.At the latest one, you could put it back in, and check if it contained the right vote.The government knows that you have voted (it is required) once. (see above: ID-reg)The cards get collected from around the votingdistrict, shoved into a coutingcomputer.

And you know what?It works.

Perhaps the older people, might ask some help.Why don't you just buy the tech from us, hey.:)If your are interested, we even have electronical wallets, called 'proton'.

The card doesn't have information about you.
You think.
The card-info can't be changed after voting.
You think.
At the latest one, you could put it back in, and check if it contained the right vote.
You can check that it shows you the same thing you entered, yes.
The government knows that you have voted (it is required) once. (see above: ID-reg)
I thought you said it didn't have any information about you. But you say that the card contains both the vote and an identifier that can be tied to an individual.
The cards get collected from around the votingdistrict, shoved into a coutingcomputer.
Where you hope they get read accurately.

The whole problem is that everything looks great. But there's no real accountability that you've described to us. There's no proof that your vote ever gets recorded on the card, or that it can't be changed later, or that what you put on the card is what got transferred to the central computer. The existence of the card is a plus, though - it means there's some physical evidence of your vote - but the data on it is just electronic, and subject to being changed with no record of the change.

This is a disaster. A disaster like this can only come from one source: upper management.

I'm a government IT worker. While I'm mostly uninvolved with the election stuff, I do enough with it to understand all the stuff that goes on to make sure the votes are as close as possible.

This has nothing to do with software or even computers. This has to do with human stupidity, laziness, and lack of training. Prior to the election, the precincts receive training from an offical (usually from the county courthouse). The poll workers are trained to do their jobs, they don't just show up at 6:45. They've obviously never been introduced to the new hardware, let alone taught basic troubleshooting. And what's with poll workers not showing up? late? Take them out back and give em a good ass kicking. No excuse for that. They have a job to do, and when it's as important as electing the next officials, you just don't do that.

Whoever is managing/training these folks needs to be shot. At the very least, fired. Obviously those who were supposed to do their jobs didn't.

Now, a word about these ATM/kiosk thingies. Sounds to me liked they were working ok. If the case was that they blue screened and incorrectly tallied votes, that again falls back on someone who didn't test the system. Sounds like everything performed as designed, the blame lies on the idiot poll workers and the trainer who didn't do their job.

Why don't we use computers for all voting now? --Well in many cases we do, but you just don't know it.

Where I live, and in many places througout the US we have these ballots where you use your little marker and complete the arrow pointing to the candidate of your choise. Once you complete your voting you take your ballot and feed it into a machine I got news for you.. IT'S A COMPUTER.

One of the main reasons no one has trouble with this is that the average person is removed (even if ever so slightly) from the "computer". The system seems to work fine with no major issues and has for several years.

The we have the Technophobe Factor. As soon as you let people know they are actually dealing with a computer, all of a sudden it gets too complicated. Why? there is no real reason. It could be that the software in that voting thing is designed poorly, but even if it is really aweful, it probably isn't all that bad.

There is a segment of our soceity that will never want to work with computers, avoiding them at all costs, loosing all common sense when dealing with them believing they are too complicated to understand. What's worse is there is NOTHING we can do about it. Many of these people are older, but surprisingly they all aren't. It isn't just older people, it isn't just artsy people, it's more of a mind-set then any particular demographic. These people aren't dumb either... although the fringe of them who do try to use the internet usually end up starting their tech support call as: "I am the dumbest person". - You know the kind who have had the Internet for six years and still haven't learned anything - Not cuz they can't but because they won't.

It's hard for us techies to understand their motive. I don't, but I do know it exists and have learned there is nothing I can do about it.

At this moment, the best we can hope for is to make it so these people don't know they are using a computer. Using paper that you draw a line to complete an arrow, modding an old voting machine so those comfortable levers hit the right contacts for a computer to do it. Just don't let people know they are using a computer!

Hopefully in a few years we can slowly, incrementally get them to use computers -just not yet apparently

Still people miss the point that the failure in Florida in 2000 was not the technology but the process.

Problem 1: No user feedback. You punch the chads, you hand in the card. No-one tells you what your card says, so you can agree that that is what you meant. There is no consistency checking. Everything is deferred until the stack of ballots go to the counting machine, by which time it is too late.

Problem 2: No defined recount procedures. There was a recount in a Michigan congressional race in 2000. The Michigan voters used the same machines as those in Miami-Dade. The Michigan recounters had clear, written, legal guidelines: if the chad is connected to the ballot by two or less connectors, it's a vote. Three connectors, it's not a vote. Miami-Dade and Broward had ambiguous language that was being interpreted on the fly by partisan election officials and reinterpreted in Tallahassee a day later.

Now, whoever bought these systems and bought the line of bull that said anyone could get them up and running with no training needs to be fired. Termination with extra prejudice if the machines are in fact unauditable.

The pen and paper system of balloting works. It scales linearly. Everyone understands it. But people live in Florida mainly because it's cheap. So they thought they could save on election costs by choosing a solution that was more expensive but requires a smaller fraction of the electorate to operate. Now, as in 2000, they're seeing that it doesn't pay not to value your vote.

You might want to check this [mit.edu]and this [mit.edu] out. Here is the findings of Caltech/MIT - Big PDF [caltech.edu] and Little PDF [caltech.edu]

It seems to me that open source would be the way to go, if only so any 'backdoors' or bugs can be found. 10 million stupid people or 5 million bored, smart people could really put our voting 'system' at risk.

This would also have the added benefit of removing the 'special interest' kickback that I'm sure the manufacturer/local politico is getting on some level.

Besides, what could be more patriotic (real patriotism, not bandwagon flags on your mailbox. ) than helping to create/debug a secure, fair, easy to use and accessible voting system? (Besides actually getting off your fat ass and voting.;)

Welcome to the Corporate Plutocracy. Just watch the TV and do what the nice newsman says.

She said many poll workers did not wait for the full six-minute activation procedure to occur and then became nervous and uncertain.

What, are they trying to boot WinXP on 75Mhz Pentinum I's ??

`They say they are having technical problems, but no one is taking responsibility for them. And they are treating us like we are morons.''

Sounds suspiciously like Msft to me. Let's all chant the EULA together now: "The VENDOR of SOFTWARE PRODUCT makes no warranty for it's fitness for use, and is not to be held liable for ANY damages due to defects in PRODUCT, either directly or consequential, so nyah-nyah-nyah-nyah. But we're DARNED SURE going to make sure you pay for each and every copy in use. PERIOD. You have no choice in the matter. You have already agreed to these conditions when you were born."

The biggest problems is lazy or braindead voting officials that never showed up for training or caused the bulk of the problems as far as the article alludes to. Although 6 minute boot up for a voting machine is plain stupid.. If these are laptop PC's with touchscreens then the company that made them needs to be hanged. There is no excuse for having something as simple as a voting machine taking more than 1 minute for boot, and download it's configuration from a CF card or some other configuration card or flash memory inside the unit.

and yes, and embedded system is the way to go.. you dont need Full color, you odnt even need touchscreen. all you need is a line of buttons.

Aside from the silly design of the voting machines... it looks like forcing your voting officials to attend training and make them accountable would be the most important step in fixing the trouble down there.

I understand why we need anonymous voting. But sometimes I think we need a system that has everyones votes associated with them in some way. I always worry about the old addage that you don't have to own the people casting the votes, you just have to own the people that count the votes.

In any system, paper, black balls, or electronic, the problem always exists. If everyone drops a black ball into a box, who is to say some slight of hand wasn't used change the contents. Just cause I hit the button for 1, and maybe even see the count for who I voted for go up by 1, who is to say that it won't go back down as soon as I walk away from the screen.

A division of the house/roll call vote is the only time when everyone knows the count was fair.

What we need is to figure out a way where I can check to see if my vote was counted, and counted correctly. If we are using electronic voting, maybe an electronic reciept of some kind. I could check what I voted at any time, and I could check to make sure "their" copy of my ballot looks like my copy.

For this to work, maybe even allow for the database of all ballots be able to be downloaded. I could then get a bunch of my friends together with the copy I have. Do my count, see if that count equals the main count, then spot check my friends reciepts. You could then concievably check an entire town/state/country.

Palm Beach County suffers from massive corruption. From this report [216.239.53.100] (using the Google.html cache because house.gov's.pdf crashes IE6 for some reason):

By a dramatic margin, the group most victimized in the Florida voting was African American Republicans. The new findings are stunning: African American Republicans who voted in Florida were in excess of 50 times more likely than the average African American to have had a ballot declared invalid because it was spoiled. Spoiled ballot rates also much higher for white Republicans than either white Democrats or African-American Democrats.

Remember kids, Democrats run Palm Beach County, they designed the "butterfly ballot", and yet somehow everything that went wrong in the 2000 election is all the Republicans fault. Yeah, right.

Machine voting might fix things, but if we can't see the source code I wouldn't trust it, not from these folks. Open Source is our best shot at addressing the trust issue.

Wouldn't it be easier to create a system that allows people to vote using a touch screen system, then instead of trying to save the data (which could easily be corrupted or lost,) simply print the ballot. It could print two copies, one for the person to take home as a personal voting record and one that they put in the polling box. The ballot that is given to the state could even be encoded so that it cannot be read without a computer in order to maintain privacy, while the copy the person keeps could be in plain english, spanish, or whatever language, so that they can confirm who they voted for. I think this would be a reasonable option that would be easier to setup (maybe.) If anything goes wrong with the machine, send them to another machine and start fresh.

Like Chicago, South Florida is an entrenched election-fixing political culture. If there is a way to "have trouble with the machines" so that the voting rules can be altered, they will have it. This is no plain cock-up with a new voting technology.

Voters in North Florida also had new voting machines to use, but they didn't have any trouble. It's not the technology, it's the system.

Gramps could have examined the source code and corrected the problems immediately.

Most of the folks running the polling places in FL are retired people with a well developed sense of civic duty but poorly developed technology skills. If anything, I suspect that these new voting machines will only exacerbate the problems. The new machines will most likely discourage many of them from volunteering as they are intimidated by computers. If you go to a bank here, you will see a lot of older people who will not use the ATM's out front.

Let's face it. The problems that were experienced in the last election had nothing to do with technology. Next time instead of disputing hanging chads and confusing butterfly ballots we will be hearing about confusing software, glitches, and misc system problems. We just blew a wad of money on nothing IMHO.

why anyone would *believe* the results tabulatedby software that was immune to public audit gatheredfrom complex and bug-prone devices operated by a secret mechanism is beyond my comprehension.

given the history of democratic elections around theworld and in the united states itself, it seemsmore than apparent that such devices, if theycontinue in use, will inevitably result in massiveelectoral fraud.

Personally, I think her ass should be in fucking federal prison for criminal tampering with the election process. Please follow me on this one. I have been picking this one up on the way all through the AP wires (I get access at work) and a good book by Michael Moore called Stupid White Men that I have been reading.

Shortly before the election even began, Katherine Harris decided to expunge the system of any felons that might be in the system. Those felons were (by vast majority in America on average) usually of African-American descent. Finding and removing all of these felons would have been a herculean task, so Katherine Harris and all of her election board members decided to go with a close match criteria to expedite the removal of felons in the system. The Election Commission also sent out memos to other states to give them lists of other possible felons that may have moved to Florida. Take a big stab on the only state that gave them a possible list.

TEXAS. That's right. Texas.

SO WHAT WAS THE OUTCOME OF THIS? Thousands, and I mean thousands, of African-American voters that were NOT FELONS got turned away at the polls for matching up all of their kangaroo court requirements. THOUSANDS OF AFRICAN AMRERICANS, CITIZENS WHO EARNED THEIR RIGHT TO VOTE THE HARDEST WAY IN AMERICA COULD NOT VOTE. Imagine getting to the polls and getting turned away. Now imagine being black in America and getting turned away.

Here's another one: Entire districts were lost or counted as null or erroneous in Florida elections... or the locations were moved entirely. TAKE A STAB ON THE MAKEUP OF THESE DISTRICTS. If you guessed African-American, you'd be dead on the money. This is a PROVEN FACT. The election commission only messed with black districts.

DID KATHERINE HARRIS AND ALL OF HER ASSOCIATES GO TO JAIL? No. Actually she ran for US Senate. What a payback to get all of that campaign funds. I wonder where she got them.

In an interview Katherine Harris said that if Gore had been nice to her, he might have been president. After the fact, that ego alone tells me that all of the allegations are pretty much true. That statement alone wants me to see her go to prison even more.

So here is the question... with all of this crap going on in the system. Why is it that we don't vote? BECAUSE IT DOESN'T MATTER. THATS WHY. But many of us are out there for the reason to get our votes back. And we will. We will be watching the election commissions. You all should. Especially in America, where election commissions are appointed by the local bigwigs.